Add hostname listener for generating self-signed HTTPS certificate

- Add a hostname listener that will create a self-signed HTTPS
  certificate with the appropriate subject when the BMC gets its
  hostname assigned via IPMI. The "insecure-disable-ssl" must be
  disabled for this feature to take effect.

 Note:
   - New self-signed certificate subject: C=US, O=OpenBMC, CN=${hostname}
   - If the same hostname is assigned, it will not be triggered
   - Only the self-signed certificate with Netscape Comment of
     "Generated from OpenBMC service" will be replaced

 Details about certificate key usage:
   - NID_basic_constraints
     The CA boolean indicates whether the certified public key may be
     used to verify certificate signatures.
     Refer to: https://tools.ietf.org/html/rfc5280#section-4.2.1.9
   - NID_subject_alt_name
     Although the use of the Common Name is existing practice, it is
     deprecated and Certification Authorities are encouraged to use the
     dNSName instead.
     Refer to: https://tools.ietf.org/html/rfc2818#section-3.1
   - NID_subject_key_identifier
     The subject key identifier extension provides a means of
     identifying certificates that contain a particular public key.
     Refer to: https://tools.ietf.org/html/rfc5280#section-4.2.1.2
   - NID_authority_key_identifier
     The authority key identifier extension provides a means of
     identifying the public key corresponding to the private key used
     to sign a certificate.
     Refer to: https://tools.ietf.org/html/rfc5280#section-4.2.1.1
   - NID_key_usage
   - NID_ext_key_usage
     id-kp-serverAuth
     -- TLS WWW server authentication
     -- Key usage bits that may be consistent: digitalSignature,
     -- keyEncipherment or keyAgreement
     Refer to: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
     Refer to: https://tools.ietf.org/html/rfc5280#section-4.2.1.12

 Tested:
   - To test and verify the service is functionally working correctly,
     we can use `openssl` and `ipmitool` to execute the following
     commands:
     - Assign BMC hostname
       ipmitool -H $IP -I lanplus -U root -P 0penBmc -C 17 dcmi
       set_mc_id_string $hostname
     - Get BMC server certificate infomation
       echo quit | openssl s_client -showcerts -servername $IP -connect
       $IP:443

Signed-off-by: Alan Kuo <Alan_Kuo@quantatw.com>
Change-Id: I24aeb4d2fb46ff5f0cc1c6aa65984f46b0e1d3e2
diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp
index 3e796c2..b5bc28c 100644
--- a/src/webserver_main.cpp
+++ b/src/webserver_main.cpp
@@ -4,6 +4,7 @@
 #include <boost/asio/io_context.hpp>
 #include <dbus_monitor.hpp>
 #include <dbus_singleton.hpp>
+#include <hostname_monitor.hpp>
 #include <ibm/management_console_rest.hpp>
 #include <image_upload.hpp>
 #include <kvm_websocket.hpp>
@@ -124,6 +125,11 @@
     }
 #endif
 
+#ifdef BMCWEB_ENABLE_SSL
+    BMCWEB_LOG_INFO << "Start Hostname Monitor Service...";
+    crow::hostname_monitor::registerHostnameSignal();
+#endif
+
     app.run();
     io->run();